diff options
| author | Kirill A. Shutemov <kirill@shutemov.name> | 2011-07-12 20:29:12 +0300 |
|---|---|---|
| committer | Vicent Marti <tanoku@gmail.com> | 2011-07-13 02:03:34 +0200 |
| commit | b16692faa3c39f8342f40ad14c70480b9126614b (patch) | |
| tree | 132d634a1b2f3c46ed6ccee62d9de7bb53faa93b /src/index.c | |
| parent | ae9f771c995e2e8d8116e120636bec2aea09889a (diff) | |
| download | libgit2-b16692faa3c39f8342f40ad14c70480b9126614b.tar.gz | |
index: fix potential overflow
mode field of git_index_entry_unmerged is array of unsigned ints. It's
unsafe to cast pointer to an element of the array to long int *. It may
cause overflow in git_strtol32().
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Diffstat (limited to 'src/index.c')
| -rw-r--r-- | src/index.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/index.c b/src/index.c index dc5024ff7..75471e5f3 100644 --- a/src/index.c +++ b/src/index.c @@ -657,10 +657,14 @@ static int read_unmerged(git_index *index, const char *buffer, size_t size) buffer += len; for (i = 0; i < 3; i++) { - if (git__strtol32((long int *) &lost->mode[i], buffer, &endptr, 8) < GIT_SUCCESS || - !endptr || endptr == buffer || *endptr) + long tmp; + + if (git__strtol32(&tmp, buffer, &endptr, 8) < GIT_SUCCESS || + !endptr || endptr == buffer || *endptr || tmp > UINT_MAX) return GIT_ERROR; + lost->mode[i] = tmp; + len = (endptr + 1) - buffer; if (size <= len) return git__throw(GIT_ERROR, "Failed to read unmerged entries"); |